<?php
    /**
    * login.php
    * 
    * @author Osuvaldo Ramos <xdracox@gmail.com>
    * @copyright Copyright (c) 2008, Osuvaldo Ramos
    * @license http://www.opensource.org/licenses/bsd-license.php
    * @package Atman
    */
    
    /**
    * The login application prompts for user login and validates a user's
    * login information.
    * @package Atman
    */
    class login extends AT_Module
    {
        /**
        * Constructor tells the Module base class the module name.
        * @param mixed $options Unused.
        */
        public function __construct($options)
        {
            parent::__construct('users');
        }
        
        /**
        * Defines the default event for the login application.
        */
        public function __default()
        {
            $this->setView(AT_View::factory('smarty', $this));
            
            $session = AT_Session::singleton();
            
            if ( $session->get('error') != NULL )
            {
                $this->set('error', $session->get('error'));
                $session->deset('errors');
            }
            
            $this->set('pageTitle', 'Login');
        }
        
        /**
        * Checks the post information for valid login credentials.
        */
        public function check()
        {
            if ( isset($_POST['login_email'], $_POST['login_password']) )
            {
                $email = $_POST['login_email'];
                $password = AT_User::hashPassword($_POST['login_password']);
                
                $session = AT_Session::singleton();
                
                $users = new AT_Users;
                $uid = $users->getUserIDByEmail($email);
                
                $url = AT_SITE_ROOT.'/users/login';
                
                if ( $uid == 0 )
                {
                    $error = 'Invalid email address.';
                }
                else
                {
                    $user = new AT_User($uid);
                    if ( $user->getStatus() == 'disabled' )
                    {
                        $error = 'Inactive account.';
                    }
                    else if ( $user->getPassword() != $password )
                    {
                        $error = 'Incorrect password.';
                    }
                    else
                    {
                        $session->set('userID', $user->getID());
                        
                        if ( isset($_GET['href']) )
                        {
                            $url = $_GET['href'];
                        }
                        else
                        {
                            $url = AT_SITE_ROOT.'/'.$user->getAccountType();
                        }
                    }
                }
                
                if ( isset($error) )
                {
                    $session->set('error', $error);
                }
                
                header('Location: '.$url);
            }
            else
            {
                header('Location: '.AT_SITE_ROOT.'/users/login');
            }
        }
        
        /**
        * __destruct()
        */
        public function __destruct()
        {
            parent::__destruct();
        }
    }
